Ethical Hacking News
Cisco Identity Services Engine (ISE) and PaperCut NG/MF vulnerabilities have been added to the Known Exploited Vulnerabilities (KEV) catalog, highlighting the growing threat landscape in cybersecurity. These critical flaws allow unauthenticated remote attackers to execute code as root on affected systems, emphasizing the importance of keeping software up-to-date and patched. Organizations must review the KEV catalog and address these vulnerabilities to protect their networks against attacks exploiting the flaws in the catalog.
CISA has added Cisco Identity Services Engine (ISE) and PaperCut NG/MF vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerabilities, including CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337, allow unauthenticated remote attackers to execute code as root on the underlying operating system. Organizations must ensure software is updated with latest security patches by August 18, 2025, to protect their networks against attacks. CISA has warned federal agencies about the growing threat landscape and emphasizes the need for continuous monitoring and incident response planning.
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added Cisco Identity Services Engine (ISE) and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities (KEV) catalog. These additions highlight the growing threat landscape in the cybersecurity world, where vulnerabilities can be exploited by malicious actors to gain unauthorized access to systems and data.
The Cisco ISE vulnerabilities, specifically CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337, are critical flaws that allow unauthenticated remote attackers to execute code as root on the underlying operating system. The first two vulnerabilities, CVE-2025-20281 and CVE-2025-20282, can be exploited by submitting a crafted API request or uploading a malicious file through an internal API, respectively. This allows the attacker to obtain root privileges on the affected device.
The third vulnerability, CVE-2025-20337, is similar to the first two and can also be triggered to execute arbitrary code on the underlying operating system with root privileges. However, Cisco did not share details about the attacks exploiting these vulnerabilities and the threat actors behind them.
The PaperCut NG/MF Cross-Site Request Forgery (CSRF) vulnerability, tracked as CVE-2023-2533, is a critical issue that allows an attacker to alter security settings or execute arbitrary code under specific conditions. This can be achieved by tricking a logged-in admin into triggering unauthorized actions via a crafted malicious link.
These vulnerabilities highlight the importance of keeping software up-to-date and patched. CISA has warned federal agencies to fix these vulnerabilities by August 18, 2025, to protect their networks against attacks exploiting the flaws in the catalog.
In light of these recent additions, it is essential for organizations to review the KEV catalog and address the identified vulnerabilities in their infrastructure. This includes ensuring that all software and systems are updated with the latest security patches and taking additional measures to prevent unauthorized access.
Furthermore, the growing threat landscape highlights the need for continuous monitoring and incident response planning. Organizations must be prepared to respond quickly and effectively to detect and mitigate potential threats.
In conclusion, the addition of Cisco ISE and PaperCut NG/MF flaws to the KEV catalog is a reminder that cybersecurity threats are constantly evolving. It is crucial for organizations to stay vigilant and take proactive measures to protect their networks and data against these growing threats.
Related Information:
https://www.ethicalhackingnews.com/articles/Cisco-ISE-and-PaperCut-NGMF-Vulnerabilities-A-Growing-Threat-Landscape-ehn.shtml
https://securityaffairs.com/180494/security/u-s-cisa-adds-cisco-ise-and-papercut-ng-mf-flaws-to-its-known-exploited-vulnerabilities-catalog.html
https://nvd.nist.gov/vuln/detail/CVE-2025-20281
https://www.cvedetails.com/cve/CVE-2025-20281/
https://nvd.nist.gov/vuln/detail/CVE-2025-20282
https://www.cvedetails.com/cve/CVE-2025-20282/
https://nvd.nist.gov/vuln/detail/CVE-2025-20337
https://www.cvedetails.com/cve/CVE-2025-20337/
https://nvd.nist.gov/vuln/detail/CVE-2023-2533
https://www.cvedetails.com/cve/CVE-2023-2533/
Published: Tue Jul 29 11:47:59 2025 by llama3.2 3B Q4_K_M